Our new SANS research takes you inside the minds & methods of modern adversaries. Get the report ›

The Wolf in Sheep's Clothing: How Innocuous Exposures Become Infamous

Date & Time:
On-Demand Webcast
Location:
ON24
Bishop Fox webcast on exploring the perils of low-risk exposures: Wolf in Sheep's Clothing illustrated by a purple furry paw with very long claws

Every time a new CVE is published and gains traction in the press, security teams scramble to determine whether those vulnerabilities pose a threat to their business. The truth is that, in many cases, these stories simply become a distraction. In fact, the biggest risks are often vulnerabilities that are much less glamorous, yet much easier to exploit and offer more useful footholds for attackers.

While vulnerabilities like EternalBlue and Log4j garner widespread attention, there are thousands of exposures categorized as “low risk” against pre-defined severity ratings that slip through the cracks. However, in the hands of skilled attackers, many of these exposures serve as launching pads or steppingstones to more complex and destructive attacks. The challenge for many organizations is not only identifying these exposures but also determining the potential business impact in their unique environment.

Watch Wes and Joe as they explore:

  • The speed, precision, and covert nature of modern adversaries
  • Commonly observed “low risk” exposures and how they lead to destructive attacks
  • How attack surface management and continuous penetration testing can help you uncover, assess, prioritize, and remediate these types of exposures

This talk showcases examples of exposures found in real-world environments, including a step-by-step view into how ethical hackers exploited them to reach high value targets.


Joe sechman

About the speaker, Joe Sechman

AVP of R&D at Bishop Fox

Joe brings over 20 years of experience to his role as Associate Vice President of R&D where he is responsible for nurturing a culture of innovation across Bishop Fox. Over his career, Joe has amassed many security certifications, delivered several presentations, and has co-authored multiple industry publications with groups such as ISC2, ISACA, ASIS, HP, and IEEE.

Additionally, Joe is a prolific inventor with nine granted patents in the fields of dynamic and runtime application security testing, attack surface enumeration, and coverage (U.S. Patents 10,699,017, 10,515,219, 10,516,692, 10,515,220, 10,423,793, 9,846,781, 10,650,148, 10,587,641, and 11,057,395). Prior to joining Bishop Fox, Joe held leadership positions with companies such as Cobalt Labs, HP Fortify, Royal Philips, and Sunera LLC (now Focal Point Data Risk). Earlier in his career, Joe served as the lead penetration tester within SPI Labs at SPI Dynamics where he cut his teeth alongside some of the best and brightest application security industry professionals. Joe received his Bachelor of Business Administration degree in Management Information Systems from the Terry College of Business - University of Georgia.
More by Joe

Wes Hutcherson headshot

About the speaker, Wes Hutcherson

Director of Product Marketing at Bishop Fox

Wes Hutcherson is the Director of Product Marketing for Bishop Fox where he oversees market intelligence, competitive research and go-to-market strategies. His multi-faceted, technology and cyber security experience spans over a decade with market leaders such as eSentire, Hewlett-Packard and Dell SecureWorks.
More by Wes

Related Events

Extend your knowledge with these related events and webcasts.

Ready to get started? We can help.

Contact Us

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.